The invention relates to systems and methods for protecting computer and mobile communication systems from malware, and in particular to protecting users of such devices from privacy-invading and/or fraudulent use of personal data.
Modern mobile computing and telecommunication devices, such as smartphones, tablet computers, and wearable computing devices, are capable of executing a variety of application programs, commonly known as apps. Such applications are developed by thousands of developers worldwide, and may be downloaded from specialized online aggregators such as Apple, Inc.'s App Store®, or Google's Google Play®. Applications may use components, features, and functionalities of the respective mobile device, such as a camera or a geolocation feature of the device. For instance, an application may determine a current geographical position of the device and display to a user a list of restaurants located in the vicinity of the current position.
Some applications may access personal information of the users, such as a user's name, street address, telephone number, email address, or contact list, among others. Other examples of data accessed by apps include identification data and a network address of the respective mobile device. Some applications may further modify, record, and/or transmit such information to other parties over local or wide-area networks, including the Internet. In some cases, such operations are performed without knowledge or permission of the respective user, thus exposing the user to a risk of privacy invasion and, in worst cases, fraud. Often, users are unaware of such risks.